梁祝小提琴协奏曲

这两天反复在听梁祝的小提琴协奏曲，喜欢的紧。其实初衷是这个曲子近半个小时，很长时间不用换，呵呵，二泉映月也很喜欢，只是才7分钟。以前在udayton的小剧院听过一次梁祝的现场演奏，当时感觉非常好，但那种震撼随时间的推移而淡化了。梁祝的故事从小听到大，虽然是乐盲，还是能猜出各个段落代表的含义，其中发现十八相送之后那一大段疾风骤雨般的章节和楼台会及抗婚的段落很有越剧的风格，特别是其中的有快板那一段，完全就是一小段越剧。也难怪，梁祝故事本身就发生在上虞和杭州，而且作曲家之一何占豪原来是在越剧团里拉二胡的，虽然根据一些文章记载（http://baike.baidu.com/view/14011.htm#4），当初他自己不觉得这段经历有帮助。

我妈最爱看越剧，我外婆最爱看戏，于是我也跟着看过一些。梁祝的故事发生在杭州的万松书院，在杭州的时候没去过。以前以为北宋大儒张载是万松书院的，现在发现不是，那是陕西的横渠书院。横渠四句“为天地立心，为生民立命，为往圣继绝学，为万世开太平”一直谨记在心。

Shittest day. Lots of shit happened.

昨天在atlanta的craigslist上看到一个htc G1的deal, 就跟卖家约定今天晚上7点后在一个地址见面. 家里没米了, 刚好可以顺带去一下Atlanta的亚洲超市, 中午跟室友一说, 刚好下午他也有空, 就准备下午4,5点钟出发去Atlanta. 从Clemson到Atlanta要两个小时, 我们计划坐4:18pm的公车从学校回家, 然后开车先去买手机, 然后去Farmer's market买米买菜, 接着找家餐馆吃一顿,然后开回家. 这是所谓的perfect plan. Then, loads of shit happened, tick tick.

4:10pm, 实验室里耽搁了一会, 4:13pm奔向公车站, 细雨中狂奔400米, 发现这班公车早到, 加快步伐, 差几步眼看公交车关门, 缓缓驶离, 室友在车上看着我错过. 干等半个小时, 坐下一班.

5:10pm, 开车出发, 发现天基本黑透了, 还下雨,小心开吧. 跟卖家发短信, 可能7点半到, 卖家回复: cool. 2小时车程暂且不表, 开到Atlanta市中心, 发现给的地址是豪华的Marriot酒店, 找了旁边的另一家酒店的停车库, 拿了一张parking ticket, 就是记录进入时间的那种卡片, 进酒店大厅等. 此时近7:50pm, 给卖家打很多个电话, 无人接, 发短信没反应, 干等半小时, 喝了一杯咖啡, 放弃, 去超市买菜吧.

走到停车库门口, 发现parking ticket不见了, shit, 回想, 很可能是买咖啡时掏钱包掉出来了, 今天忘了把卡片收进钱包里, 问了一下停车库门口的mam, ticket掉了要交20刀, 算算找回来的话只要交4-5刀就够了, 折回starbucks, 店员告知, 他们捡到了ticket, 等了几分钟没人领, 就扔了, 扔到哪个垃圾桶忘了, 找了一圈, 没找到, 就对我摊摊手. So, 回到停车库, 交了20刀.

开到Farmer's Market是9点过几分, 中途接到一个电话, 结果不是卖家, 而是一个朋友. 买米买菜, 甚欢, 就是没啥海鲜, 几个柜台的鱼都卖光了, 买完接近10pm, 准备找餐馆吃饭, 室友推荐Sichuan House, 在回家的路上, GPS上没找到, 打电话给同学找到地址, 开过去, 关门了, 旁边有个steak house好像还开着. 先去加油, 结果加油管是漏的, 搞得满手汽油, 加了8加仑, 漏了就近1/3加仑. 去旁边的steak house, 好几张桌子上还有客人, 暗喜. 但接待台没人, 过两分钟一个侍应生过来说, it's after 10pm, and we are closing, sorry, if you came in 15 minutes earlier, blabla. 至少进去洗了个手, 满手油味换成了洗涤剂的味道.

出了steak house环顾四周, 基本都是关的, 心灰意冷准备直接开回家做点好的. 于是在漆黑的高速上捱饿狂奔两个小时, 中途受不了喝了杯咖啡吃了半根咸的要死的牛肉棒, 回到家是00:30am. 蒸了一袋速冻蟹黄糖包, 室友做了一个盐津肉, 总算吃了点好的.

卖家始终没有再联系, 被彻底的放了鸽子, 加上一连串的事情, 真是 shittest day. 幸好买了很多菜, 没有彻底白跑. 明天还要赶两个report, 生活还要继续.

记录一下, 以后不顺的时候可以对比一下哪次更背.

Update: 第二天早上9点钟, 突然想起来9点有appointment要去医院拿药, 只是人在家里, 而且周二错过一次这个appointment了. shit still happens.

Where am I?

我醒过来，发现躺在一个宿舍里，靠窗的一个双层铁架子床的上铺，格局跟高三的寝室一样。宿舍里就我一个人，其他床铺有的铺着床单。我下了床，看到靠门那有张单人沙发，上面堆着一个包，压着一个开着的13寸银色macbook pro。把玩了一下，没什么东西，又原样放好。窗外有一些阳光，不知何处的广播嘈杂的放着一些声音，我在想，这是在那？ 偏生脑子空荡荡的。

进来一位大妈，可能是打扫卫生的，自称姓耿。我就问，耿大妈，啊不，耿姐，这是在那，中科院？清华？浙大？ 大妈笑了笑，你这小伙，连在哪都不知道。我恍然大悟，在浙大，我在读博呢，已经念了个硕士，很有兴趣再接着读，对，在浙大。打开宿舍门，走进常见的黑黢黢的宿舍过道，过道尽头的盥洗室灯火通明，好几个光着上身的男生端着脸盆挂着毛巾进进出出，有十三，有郭波，有达达，我大声跟他们打着招呼，都回来了呀。从过道的另一头走来同一装束的一个高中同学，我用乡音打了个招呼，你也回来了呀。

这时，我又醒了一次，发现自己睡在一张靠门的单人沙发上，在实验室里，窗外的阳光亮的晃眼，屋里两张写字台，几个显示器，我缓过神来，哦，我在Clemson，而且硕士也不是在浙大念的。对了，明天要考试，要继续看课件。刚才的温馨一瞬，原来只是个连环梦。

我想我是有点想家了。

xorg-server update in gentoo

Whenever xorg-server get a major version update, such as 1.5->1.6 recently, make sure follow the tips after update and re-emerge x11-drivers.

Portage will tell you:

You must rebuild all drivers if upgrading from xorg-server 1.5 or earlier, because the ABI changed. If you cannot start X because of module version mismatch errors, this is your problem.

You can generate a list of all installed packages in the x11-drivers category using this command:
emerge portage-utils; qlist -I -C x11-drivers/

Then after executing `qlist -I -C x11-drivers/', a list of x11 drivers package will show. RE-EMERGE THEM before startx, otherwise these drivers will not work. In my case, the keyboard and mouse stops responding and it takes me one hour to fix it.

Another weird thing is that when compiling xorg-server, I have to turn off the `hal' USE flag. Otherwise the mouse and keyboard will also stop responding. This is just my experience.

sth else: keep the USE flag of perl and libperl the same, otherwise when compiling some program, it will fail and say a long list of repeated complaints like unknown variable PERL_Gth..., whose exact term I can not recall. This happens to me while I was installing inkscape. emake failed

从平原到山地

500 miles, 800公里, 从Dayton OH到Clemson SC, 从小城市到小镇,从北边到南边,从EO到CE,做了好大的转变,继续前行. 本以为孤家寡人没什么行李,结果拾掇拾掇整理出一堆,车后座堆到一人高,垃圾还是攒的很多. 小潘曾给我看的一个老头的talkshow, "My shit is stuff, their stuff is shit", 还是有些应景. 路上9个小时,前半段一直在下雨,路上就是在山里面绕来绕去,路很窄,上上下下的. 南方天气又潮又热,我这个浙江人在ohio呆了这么久都已经忘了家乡的夏天了,颇有些不习惯.

房子是已经联系好的, 2 bedroom town house, 挺满意的, 室友人很好. 环境非常乡下, 好像就是在丛林中开辟出来的一条小道和一片房子. 公交车免费, 去学校转了转, 大太阳底下按照地图找房子,更何况没有东南西北的意识,很晕,以后熟悉了就好了吧. 中午吃的是asian express, 白饭加两个炒得发甜的肉,已经是惊喜了,这比光汉堡皮萨好多了.

实验室的人都还没到,老板还在外地开会,系里的小秘没找到,这周可以过几天自在日子,下周就要开始忙了.

wpa wireless setup in gentoo

Reference: http://www.thinkwiki.org/wiki/How_to_install_wpa_supplicant


1. # echo "net-wireless/wpa_supplicant madwifi" >> /etc/portage/package.use
2. # emerge -av wpa_supplicant
3. # wpa_passphrase "ssid" "wpa_passphrase" % get the psk
4. % create /etc/wpa_supplicant.conf
# cat /etc/wpa_supplicant.conf

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
# ap_scan=1 was the one for me you may try 0 or 2 indstead of 1
ap_scan=1
fast_reauth=1

network={
ssid="ssid"
proto=WPA
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
#psk="passphrase"
psk=xxxxx # a bunch of numbers and letters from wpa_passphrase
}


To start the network:

1. # ifconfig ath0 up
2. # wpa_supplicant -B -c /etc/wpa_supplicant.conf -iath0 -Dmadwifi
%% -B is the daemon mode, -d is the live mode
3. dhcpcd ath0

%% if dhcpcd has a time out, use `iwlist ath0 scan' to check the channel number and then change (ap_scan) in the config file. restart wpa_supplicant (if it's in daemon mode, kill the process and then restart)

浙江大学校歌MTV

浙江大学校歌

　　大不自多，海纳江河。惟学无际，际于天地。
　　形上谓道兮，形下谓器。礼主别异兮，乐主和同。
　　知其不二兮，尔听斯聪。国有成均，在浙之滨。
　　昔言求是，实启尔求真。习坎示教，始见经纶。
　　无曰已是，无曰遂真。靡革匪因，靡故匪新。
　　何以新之？开物前民。嗟尔髦士，尚其有闻。
　　念哉典学，思睿观通。有文有质，有农有工。
　　兼总条贯，知至知终。成章乃达，若金之在熔。
　　尚亨于野，无吝于宗。树我邦国，天下来同。

TestDisk saves my ass !!!

Today I accidentally did a "rm -rf *" under a folder, SHOOT!!! This is a FAT32 partition. Then I quickly unmount it and google for solution.

Then TestDisk comes to me and saves my ass! http://www.cgsecurity.org/wiki/TestDisk I emerged testdisk from gentoo portage and uses 'photorec' to undelete files. The recovered files are named randomly with a correct suffix. That's very enough for me. Great tools!

Thank this blog entry:
http://blog.lxpages.com/2007/06/21/linux-file-recovery/

BTW: for NTFS partition, ntfsundelete is useful, it's included in ntfsprogs package.

Running concurrent ML on smlnj

Check this wiki page:
http://en.wikipedia.org/wiki/Concurrent_ML

Note: 'heap2exec' is currently supported on ppc-unix (Mac OS X), and x86-unix (no amd64 support). It requires heap2asm, which is not installed by default. It can be added by editing config/targets

快过年了

离多聚少人寂寂，冬去春来柳纷纷.



500 Miles

If you miss the train I'm on
You will know that I am gone
You can hear the whistle blow a hundred miles
A hundred miles, a hundred miles, a hundred miles,
a hundred miles
You can hear the whistle blow a hundred miles

Lord, I'm one, Lord, I'm two, Lord, I'm three
Lord, I'm four, Lord, I'm five hundred miles from my home
Five hundred miles, five hundred miles, five hundred miles
five hundred miles
Lord, I'm five hundred miles from my home

Not a shirt on my back, not a penny to my name
Lord, I can't go back home this a way
This away, this away, this away, this away
Lord I can't go back home this away

If you miss the train I'm on
You will know that I am gone
You can hear the whistle blow a hundred miles
A hundred miles, a hundred miles, a hundred miles,
a hundred miles
You can hear the whistle blow a hundred miles

zz Recovering Deleted Files in Linux

Brian Buckeye and Kevin Liston

Most systems administrators have experienced a situation where a vital file has accidentally been deleted without a recent backup. In this article, we’ll explore how to recover files in Linux. To begin, however, there are several caveats:

1. The methods described are emergency measures. They do not replace a working backup process to protect your data. You should also consider version control methods to protect your data from accidents.

2. File recovery is usually a time-consuming process, and often is not completely successful. Once a file is deleted, the space it occupied on the hard drive is marked as “available” and can be overwritten. DO NOT install any file recovery software on the drive that houses the file you want to recover.

3. These data recovery techniques involve elements of luck and timing, in addition to technique. If you’ve suffered an accidental deletion in the first place, luck isn’t necessarily on your side.

4. Even if you do recover the file, there is no guarantee that it will have the same information that was contained in the original. Inspect anything you retrieve and verify the information before you use it in production.

5. There are several factors acting against a successful recovery, including: time, file size, congestion of the disk partition, and the system activity:

• The more time that passes between the deletion of the file and the initiation of the recovery process, the less likely the process will succeed.

• The larger the size of the deleted file, the more likely damage has occurred.

• The more active the system, the more likely the blocks freed by the deletion will be overwritten by new data.

• If there is little free space on the disk partition, the smaller pool of available blocks increases the chance that the deleted data blocks will be re-used.

With those caveats in mind, we’ll examine some options.

Linux and ext2

The default file system used by Linux is the Second Extended File system, referred to as ext2. (Ext3 with its use of journaling has also recently become common, but we will not cover it in this article.) The role of the file system itself is to abstract the physical structure of the storage media. On a physical level, a drive is a series of 512-byte sectors, addressable from 0 to n-1. The file system is responsible for organizing these sectors into files and directories eventually used by applications via the operating system.

Blocks

The Linux file system, ext2, collects sectors into blocks. Ext2 supports block sizes of 1024, 2048, and 4096 bytes. Blocks are organized into block groups. Blocks are either data blocks or superblocks. Data blocks are general-purpose blocks used to store files and directories. Superblocks reside on the border of block groups and contain settings and status of the file system (e.g., formatting and cleanliness state). Block groups consist of a superblock, block allocation bitmap, inode allocation bitmap, inode table, and data blocks. Block groups are usually organized into 8*block-size blocks (e.g., 8192 blocks in a 1024-byte block-sized system). The block allocation bitmap keeps track of which blocks in the block group are in use (allocated vs. free). Our 1024-byte block size example has 1024 bytes responsible for tracking 8192 blocks. Thus, each block is mapped to one bit in the bitmap. (A “1” denotes allocated and a “0” denotes the block to be free.) The make-up of a block group includes a superblock, block allocation bitmap, inode bitmap, inode table, and data blocks.

The inode allocation bitmap work similarly, but typically uses less space than allocated, unless you have defined the system to have one inode per data block (which would be the case in a system optimized to handle a large amount of small files such as a news server). Inodes are special data-structures, each 128 bytes in length, which represent a file. By default, mke2fs (used to format an ext2 partition) reserves an inode for every 4096 bytes of file system space. The first ten inodes in a file system are special purpose:

1 — Bad blocks inode

2 — Root inode

3 — acl index inode (not supported)

4 — acl data inode (not supported)

5 — Boot loader inode

6 — Undelete directory inode (not implemented)

7-10 — Reserved

The bad blocks inode lists all of the data blocks on the file system that have detected unrecoverable errors. The root inode points to the directory file of /. The acl-related and undelete directory inodes are currently not implemented.

Pointers

Inodes contain information about a file, such as modification, access, creation (and deletion) time, ownership, permissions, size, and pointers to the actual data blocks of the file. There are 15 pointers to data blocks; the first 12 are references to direct blocks (actual file-data). The 13th pointer references the indirect block, which is a data block containing a list of 4-byte pointers to direct blocks (i.e., another 256 direct blocks in a 1024-byte block-sized system, 1024 direct blocks in a 4096-byte block-sized inode). The 14th pointer references the doubly indirect block, which is a block containing pointers to 256 (in the case of a 1024-byte block-sized file system) indirect blocks. In other words, the 14th pointer serves as the root of a tree that references 65536 data blocks in a 1024-byte block-sized file-system. The 15th pointer points to the triply indirect block, or a block full of references to doubly indirect blocks. In other words, this forms an asymmetrical tree-structure, where the inode references 15 children, the first 12 are terminal, the 13th has 1 level, the 14th has 2 levels, and the 15th has 3 levels. This causes the 1.6-GB file-size limit on 1024-byte block-sized systems.

Everything is a File

In Linux, directories are simply special files. The second inode in the file system points to /. This directory links to other subdirectories (which are other directory files). Directories are simply lists of four-tuples, consisting of an inode number, entry length, name length, and filename. The entry length denotes the length of the directory entry itself. This structure allows the use of long filenames without wasting disk space, but there is some waste from directories due to block size. This is why you see a size such as 1024 for . and .. in the output of ls -la.

Also implemented with Linux is the /proc pseudo filesystem. Staying consistent with the UNIX everything-is-a-file metaphor, the /proc directory allows access to kernel data structures. The process structures are handy for data recovery. As root, change directory to /proc/, where is the process ID you’re interested in. You will see a number of directories, links, and files (note that they take up no space). Two of these directories are useful for recovering files: /proc//exe, and /proc//fd.

The exe link is an actual pointer to the file that is being executed. The fs link is a directory of file descriptors currently opened or in-use by the process. Every process will have at least three, which are listed first and denote STDIN, STDOUT, and STDERR, respectively. Other possible entries are network sockets (e.g., 20 -> \socket:[450], or port 450) and files (e.g., 4 ->/home/kliston/.list.swp).

In Linux, each inode keeps track of a file’s link count, which is the number of times that a directory lists the inode. When a file is deleted, its entry is removed from the directory file and the inode’s link count is decremented. If this link is reduced to 0, then the inode is marked as “free” in the inode bitmap, and all of the blocks referenced by that inode are marked as “free” in the block bitmap. The deletion time field is set in the inode. The OS also keeps track of the processes linked to an inode. This can be used to your advantage if you are notified of the accidental deletion in time.

Getting Your Files Back

This all may be interesting, but you still need to know how to get your files back. The first step is determining how important the information is, and how vital it is to get it back intact. In Linux, there are a few things you can try before mounting the affected partition in read-only mode.

If you need to recover an executable that happens to be currently running (such as in a forensics case where an intruder has a backdoor running, but has deleted it to cover his tracks), you can recover simply with:

cp /proc/415/exe /tmp/backdoor

If you have a process running that references a recently deleted file, you can try similar tricks with the /proc//fd directory. In the example above, we had:

/proc/415/fd/4 -> /home/kliston/.list.swp

This happened to be the swap file from a vi session. Performing strings 4 returned the contents of /home/kliston/list with some garbage as the header. Using the /proc//fd technique will require some understanding of the applications to be fully successful. To list the files currently open on a system, use lsof, or for a quick and dirty method to generate a list of candidates for this technique:

ls -l [0-9]*/fd|grep 

If you’re not lucky enough to have a case that can be solved by using the /proc recovery techniques, you need to cease write activity to the affected partition. Our examples will be recovering data from /home or /dev/hdc6.

Remount the partition in read-only mode:

mount -o ro,remount -n /home

This will allow you to access the system and stop processes from overwriting your to-be-recovered data blocks. The -n flag instructs mount to not write to /etc/mtab, enabling you to recover data from partitions that contain /etc, such as /.

There are a few factors that can be used to gauge your chances for success. Before kernel 2.2.x, the indirect inode pointers (pointers 13 and above) were also zeroed out when a file was deleted. If you are working with a kernel older than 2.2.0 (use uname -r to find out), you’re limited to the file size that you can recover using a direct inode reference technique. This recoverable limit is 12*block size. You can pull the system’s block size from the superblock by doing the following (where /dev/hdc6 is an example file system):

echo stats|debugfs /dev/hdc6

These examples were performed on a system running kernel version 2.2.19-6. The file system had a block size of 4096 and 10 block groups. Files were recovered from the /dev/hdc6 partition using /home as a mount point. The server saw low-to-moderate activity as a general-purpose server in a home/lab environment.

Using the debugfs utility, you can generate a list of deleted inodes, or inodes that have a non-zero time in their “Deleted Time” field. Generate a list of deleted inodes:

echo lsdel | /sbin/debugfs /dev/hdc6 > /tmp/lsdel.out

This generates an output similar to:

debugfs:   7344 deleted inodes found.

Inode   Owner Mode      Size   Blocks   Time deleted
62984   511   100600   12288   3/   3   Thu Dec 27  10:38:44 2001
62980   511   100644     693   1/   1   Thu Dec 27  10:39:09 2001
110212  511   100644 2123710   520/ 520 Thu Dec 27  10:54:35 2001

Needless to say, a lot of entries were omitted, and we’ve only shown the last three that belong to our user id since that’s what we’re interested in. To examine these files a bit more, use the stat command in debugfs to pull additional information about the file referenced by the inode:

debugfs /dev/hdc6
> stat <110212>

This will return the link count (probably 0), the creation, access, modify, and deletion times, and a list of all of the blocks that make up the file. This information will determine whether this inode is your candidate. To actually recover the data, use debugfs to dump the data to which the inode is pointing to a new file:

debugfs /dev/hdc6
dump <110212> /tmp/recovered

To recover all three of these files, edit /tmp/lsdel.out down to the desired files as /tmp/lsdel.edited and do something like this:

     awk '{print $1}' /tmp/lsdel.edited > /tmp/inodes
    for i in $(cat /tmp/inodes); do echo <$i> \
       -p /tmp/recovered.$u\i" | debugfs
/dev/hdc6; done

This creates a series of files in /tmp, but there is still the task of discovering their names and where to place them.

An alternative method (which is more risky but can work when you don’t have another partition to restore to, and this is rarely the case) involves directly editing the inode itself. Zero-out the deletion date and create a link to the inode (both raising the link count to one, and providing an access point in a directory):

debugfs -w /dev/hdc6
> mi <110212>

This action will walk us through the settings of the inode. It will show the current setting and offer to change it. Press “Return” to accept the current (or default) setting. When you arrive at the “Deleted Time” field, enter “0” and then continue accepting the rest of the settings. Then, change directory to where you want to link the file. Note that the top directory in debugfs will be the mount point, /home in our example:

> cd kliston/
> link <110212> recovered_file

It is important to unmount the altered partition and run fsck upon it. It will discover that there are blocks that are marked as free in the block allocation table, yet linked to an active inode. Let fsck make the required fixes. Now your file will remain safe, otherwise the data blocks will still be marked as available and eventually other files will reuse them and corrupt data.

It is simply a matter of chance should these techniques work. In test recoveries, we were able to help successfully recover log files on December 27th that had been deleted on October 11th. This was from a low-to-mid-use home/lab server, so these results are probably atypical.

Known-Text Recovery

What if the file wasn’t rmed? What if your unfortunate user typed:

cat /dev/null > important_file

In this case, the inode isn’t deleted but all of the data block pointers are zeroed and the data blocks are freed up in the block allocation bitmap. The odds of recovery have just decreased by an order of magnitude, but there are some other options.

The “known-text recovery method” is more of an art than a science and is less likely to succeed, but it has the advantage of working on file systems other than ext2 (such as Solaris’s ufs). This technique involves searching for a known pattern through an image of the affected file system. The pattern should be unique to the file that needs restoration. Crafting the search pattern is the artistic part of the process. A poorly written pattern can return too many hits, or no hits at all.

The example here involves recovering a DNS database file from the catastrophic cat /dev/null > important_domain.com.db. Because we’re looking for a bind data file, we could search on a pattern containing “IN SOA”, or for a known host of the missing domain.

The first active step involved in this technique is the creation of the recovery copy of the partition. By this time, the partition should have already been unmounted, or mounted read-only (see above techniques). Copy the partition to another file system (which must be large enough to hold the affected partition) with a command such as:

dd if=/dev/hdc6 of=/opt/hdc6.image

Apply an fgrep filter to locate the pattern (a unique hostname, in this case) in the recovery image:

fgrep "elmenop" /opt/hdc6.image

Here, we’re looking for the domain record that defined elmenop.important_domain.com. In the test case, this returned most of the domain record surrounded by nulls. It probably recovered unused space from a temporary file that referenced the file, rather than the file itself. If you need to search or use regular expressions, you can use egrep in lieu of fgrep, which will output all instances of your search pattern. Then, based on either knowledge, or trial and error, use fgrep’s -A and -B flags to pull a slice out of your recovery copy into (hopefully) an editable file that can be cleaned up for use.

The -A flag denotes how many lines after the match to print, and -B instructs how many lines before the match that grep will print. In the example, elmenop is a hostname that appears in the domain file. Using some guesswork (based on inspecting other domain data files that were not deleted), there is a window size of seven lines before, and ten lines after. There is added buffer room to our estimates to increase the odds of grabbing all of the usable data in one pass. In this special case, we lacked physical access to the server, and we didn’t have enough space to create a recovery copy, so the action was performed on a live pattern (not recommended unless you’re intentionally pushing your luck as we were):

dd if=/dev/hdc6 | fgrep -B 7 -A 10 --text "elmenop" > \
 /tmp/pattern_match.1

This approach created an editable output, capable of rebuilding the original file. This was successful after cat /dev/null > important_domain.com.db was used to “destroy” the file. The recovery attempt was made less than 24 hours later only to find that the data blocks had been overwritten. Once again, we find that time is not your friend when it comes to data recovery.

Recovery Tools

Are there programs out there to make this any easier? Absolutely. But, as sys admins, we know that you need at least three ways to fix a problem — none of them will work, but they’ll give you an idea for a fourth way that probably will. Taking time to work through the abstraction of the operating system and understand what is happening at a lower level may help you see the problem differently. Tools tend to hide what is going on and may blind you to another answer. Realistically, working through the problem yourself is not always the most expeditious path. These tools may make administration a little easier for you:

The Coroner’s Toolkit

(http://www.fish.com/tct) — A collection of tools originally created for computer forensics work. It includes the data recovery tools unrm and lazarus, both of which can be used to recover accidentally deleted data.

The Recover Tool

(http://recover.sourceforge.net) — Automates the direct inode recovery technique described above. It’s good to use if you have a large number of files to recover.

Conclusion

In the end, retrieving a file on Linux comes down to luck, timing, luck, technique, and luck. Most file recovery tools are fairly inexpensive and easily available and should be a standard part of any systems administrator’s toolbox. So, the next time a user accidentally deletes that vital file, you can say, “Relax, it’s probably already too late. But maybe, just maybe, there’s something I can do.”

References

Ferlito, John and Widdowson, Liam. “Tales from the Abyss: UNIX File Recovery,” Sys Admin magazine, November 2001:

Mandia, Kevin and Prossise, Chris. Incident Response: Investigating Computer Crime. Osborne/McGraw Hill, New York 2001.

Wall, Kurt, Watson, Mark, and Whitis, Mark. Linux Programming Unleashed. Sams, 1999.

Ext2 file Undeletion: http://www.billjonas.com/papers/undeletion.html

Crane, Aaron. Linux Ext2fs Undeletion mini-HOWTO: http://www.praeclarus.demon.co.uk/tech/e2-undel/howto.txt

Card, Remy, Ts’o,Theodore, and Tweedie, Stephen. Design and Implementation of the Second Extended Filesystem: http://e2fsprogs.sourceforge.net/ext2intro.htm

Oxman, Gadi. The extended-2 filesystem overview: http://www.nondot.org/sabre/os/files/FileSystems/Ext2fs-overview-0.1.pdf

Brian Buckeye is the Director of IT for a medium sized Ohio business. He can be reached at: brian@blindpanic.com.

Kevin Liston is a consulting security engineer. He can be reached at: kliston@infornographic.com.

some tips

1. "\ls" will use the raw "ls" instead of the aliased one
2. in Android, if two projects with the same package name are created in Eclipse, they are not going to co-exist on the emulator, the later-installed apk will overwrite the earlier one.
3. resue damaged hard drive:

   dd bs=512 conv=noerror,sync if=/dev/hda of=/some_dir/foo.image

   Also can use gzip or bzip2 to compress.
4. FAT32 can only allow a maximum file size of 4GB. So when doing the data rescue with a destination of FAT32 partition, it will show "stdout: file too large" when the image file reaches 4G. It's not the gzip or bzip2 problem. Solution is to change the file system. BTW: better stay away from HFS, an Apple monoply file system, except some frenetic apple fans who are using HFS for all their drives.
5. On an Apple iBook G4, hold down 'Option' key when it boots, will let you choose the boot media. If having trouble ejecting a disc, ultimate solution is to restart the computer while holding down the trackpad button.
6. The hfsplus file system is supported in linux kernel, which has to be selected. The location is 'File systems -> Miscellaneous filesystems -> Apple xxxx support'.
7. To burn an toast image under windows: use daemon-tools to mount the toast image, then use DVD burn software to copy from the virtual device to the destination DVD-RAM. Windows is not able to read files from the toast image.
8. convert dmg file to iso (under mac os x)
   

   hdiutil convert /path/to/filename.dmg -format UDTO -o /path/to/savefile.iso
   

   It will add a .cdr suffix. Just rename it to iso.
9. xargs with blank space in file name. The GNU xargs (used on Linux) has a -0 (zero) option; this means the pathnames it reads are separated by NUL characters instead of whitespace. GNU's find (also used by Linux) has a -print0 operator that puts a NUL between pathnames instead of a newline. Use them together like this:

   find . -type f -mtime +7 -print0 | xargs -0 rm

   Here is a good article on find/xargs.
   

The art of font selection.

Recently I am reading the manual of latex-beamer, because I want to use it for presentation. There is a chapter called `Guidelines for Creating Presentations' in beameruserguide.pdf, which is worth reading line by line. Besides guide lines for presentation, it describes cons and pros of various fonts and how to select appropriate ones. There is art in font selection. Well, everyone who has played with linux desktop optimization will agree. But it is still interesting to read the user guide.

For example, in the small caps part, it first states the disadvantage of uppercase text.

Text typeset in small caps is harder to read than normal text. The reason is that we read by seeing the “shape” of words. For example, the word “shape” is mainly recognized by seing one normal letter, one ascending letter, a normal letter, one descending letter, and a normal letter. One has much more trouble spotting a misspelling like “shepe” than “spape”. Small caps destroy the shape of words since shape, shepe and spape all have the same shape, thus making it much harder to tell them apart. Your audience will read small caps more slowly than normal text.

Then it adds

This is, by the way, why legal disclaimers are often written in uppercase letters: not to make them appear more important to you, but to make them much harder to actually read.

Great Article on Linux dd command

Author: AwesomeMachine @ LinuxQuestions.org

original link

I followed the instructions to create an image for my windows drive. It's killing me to reinstall xp.

creating backup image

dd if=/dev/hda1 | bzip2 > /home/winxp.image.bz2

restoring image

dd if=/home/winxp.image.bz2 | bunzip2 | dd of=/dev/hda1

Compiz Fusion: a not recommend configuration

UPDATE: Hooooray!! The border is on after I add the `decoration` plugin to the very last line of /usr/bin/compiz-start. Also I change this file to use `emerald` instead of `gtk-window-decorator` and it works!!!! So I know one thing, can't fully trust `ccsm` and always turn to reliable command line. Oh, if `emerald --replace` has no output, no error, it's probably means it's working. Compiz fusion rocks! Even better if I can have a better video card~



Compiz Fusion is not working perfectly on my gentoo. First of all, no window border. After several days googling, I gave up. A note, if `emerald --replace` or `gtk-window-decorator --replace` is working fine, then that's the compiz configuration problem. My case is that these two commands does nothing, no output, no change, no error. But I can live with that.

Second problem that took me a long time is the configuration. The setting in `ccsm` does not take effect and even cause a compiz segmentation error. Then I used a brute force configuration. Not recommended, only for desperate people.

1. gain root privilege
   
2. use `ccsm` to determine which plugins should be needed, the plugin name can be found in Preferences | plugins list.
3. modify the last line of /usr/bin/compiz-start, delete "gconf", add all the plugins you want to enable. Backup before change.
   
4. modify the corresponding xml files in /usr/compiz to change the behavior, remember to make backup file before change. And be careful.
5. add all the compiz fusion related packages to package.mask to prevent from any modificaton.
6. compiz-start and good luck. Check the error output in case the xml format is messed up.
   

APPENDIX: /etc/X11/xorg.conf


Section "ServerLayout"
Identifier "Layout0"
Screen 0 "aticonfig-Screen[0]" 0 0
InputDevice "Keyboard0" "CoreKeyboard"
InputDevice "TouchPad" "AlwaysCore"
InputDevice "Mouse1" "CorePointer"
EndSection

Section "Files"

FontPath "/home/fonts"
FontPath "/usr/share/fonts/100dpi"
FontPath "/usr/share/fonts/cyrillic"
FontPath "/usr/share/fonts/wqy-bitmapfont"
FontPath "/usr/share/fonts/75dpi"
FontPath "/usr/share/fonts/default"
FontPath "/usr/share/fonts/misc"
FontPath "/usr/share/fonts/Type1"
FontPath "/usr/share/fonts/ttf-bitstream-vera"
FontPath "/usr/share/fonts/corefonts"
FontPath "/usr/share/fonts/zh-kcfonts"
FontPath "/usr/share/fonts/util"
# FontPath "/usr/local/share/fonts"
# FontPath "/usr/X11R6/share/fonts"

EndSection

Section "Module"
Load "freetype"
# Load "xtt"
Load "extmod"
Load "glx"
Load "dri"
Load "dbe"
Load "record"
Load "xtrap"
Load "type1"
Load "speedo"
EndSection

Section "InputDevice"
Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "IMPS/2"
Option "Emulate3Buttons"
Option "ZAxisMapping" "4 5"
Option "Device" "/dev/input/mice"
EndSection

Section "InputDevice"
Driver "synaptics"
Identifier "TouchPad"
Option "Device" "/dev/input/mouse0"
Option "Protocol" "auto-dev"
Option "LeftEdge" "1700"
Option "RightEdge" "5300"
Option "TopEdge" "1700"
Option "BottomEdge" "4200"
Option "FingerLow" "25"
Option "FingerHigh" "30"
Option "MaxTapTime" "180"
Option "MaxTapMove" "220"
Option "VertScrollDelta" "100"
Option "MinSpeed" "0.09"
Option "MaxSpeed" "0.18"
Option "AccelFactor" "0.0015"
Option "SHMConfig" "on"
EndSection


Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
Option "XkbModel" "pc104"
Option "XkbLayout" "us"
EndSection

Section "Monitor"

### Comment all HorizSync and VertSync values to use DDC:
Identifier "Monitor0"
HorizSync 31.5 - 64.3
VertRefresh 60.0 - 90.0
DisplaySize 331.8 207.3 ## for 15.4", DPI=98
EndSection

Section "Monitor"
Identifier "aticonfig-Monitor[0]"
Option "VendorName" "ATI Proprietary Driver"
Option "ModelName" "Generic Autodetecting Monitor"
Option "DPMS" "true"
EndSection

Section "Device"
Identifier "Card0"
Driver "radeon"
Card "ATI Graphics Xpression"
EndSection

Section "Device"
Identifier "aticonfig-Device[0]"
Driver "fglrx"
# BusID "PCI:2:0:0"
Option "DesktopSetup" "horizontal"
Option "VideoOverlay" "on"
Option "UseFastTLS" "2"
Option "EnablePrivateBackZ" "on"
Option "DynamicClocks" "on"
Option "XAANoOffscreenPixmaps" "true"
Option "TexturedVideo" "On"
Option "DRI" "true"
Option "MonitorLayout" "LVDS,AUTO" #Enable Externel Monitor
EndSection

Section "DRI"
Mode 0666
EndSection

Section "Extensions"
Option "Xvideo" "Enable"
Option "Composite" "Enable" ## critical
EndSection

Section "Screen"
Identifier "Screen0"
Device "Card0"
Monitor "Monitor0"
DefaultDepth 24
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1280x800" "1024x640"
EndSubSection
EndSection

Section "Screen"
Identifier "aticonfig-Screen[0]"
Device "aticonfig-Device[0]"
Monitor "aticonfig-Monitor[0]"
DefaultDepth 24
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1280x800" "1024x640"
EndSubSection
EndSection

Section "ServerFlags"
# Option "DontVTSwitch" "True" # kills the Ctrl+Alt+F(1-6) virtual terminal switch commands
# Option "DontZap" "True" # kills the Ctrl+Alt+Backspace command
EndSection

Gentoo troubleshootings

After 3 and half days. I got gentoo upgraded on my acer 5102WLMi. Gentoo is a great distro. Love it. Now audio is working, but still not camera.

The Name:

The Gentoo species is the fastest swimming penguin.

Hardware specification

1. Processors : AMD Turion 64x2 TL50 (1.60GHz, 512K L2 cache)
2. Chipset: ATI RS480
   
3. Displays: 15.4" WXGA (1280 x 800 resolution)
4. Graphics Card: ATI Radeon Xpress 1100
   
5. Optical Drive: DVDRW
   
6. Sound Card: integrated, snd-hda-intel, realtek
   
7. Wireless Networking: Atheros AR5005G 802.11abg
8. MMC reader: ENE Technology Inc SD/MMC Card Reader
   
9. I/O Ports : 3 USB 2.0, Audio jacks, 15-pin monitor connector, PCMCIA slot.
   

Useful links

1. Gentoo documentation
2. audio setup: http://gentoo-wiki.com/HARDWARE_Acer_Aspire_5102WLMi
3. articles with gentoo tag: http://kunxi.org/
4. Google

Notes:

1. when upgrading, first emerge update all packages, resolve blockings(uninstall or upgrade, if circular blocking, --nodep). Then revdep-rebuild.
   
2. use "equery" to look at installed packages
3. gcc-config, kernel-config, etc to choose from different slots.
4. make.conf, package.keywords, package.mask, package.unmask, package.use, ...
5. if use "startx", add "gnome-session" to .xinitrc, else X will not load gnome.
   
6. firefox+flash

   sudo echo "net-www/netscape-flash" >> /etc/portage/package.unmask
sudo emerge -av netscape-flash nspluginwrapper

7. firefox+mplayerplug-in (UPDATE: "emerge adobe-flash" will do the job)
   

   sudo echo "net-www/mplayerplug-in -firefox divx quicktime realmedia wmp" >> /etc/portage/package.use
## Make sure no browser running
sudo emerge -av mplayerplug-in
ln -s /usr/lib/nsbrowser/plugins/mplayerplug-in.so $HOME/.mozilla/plugins/mplayerplug-in.so

8. cp936 support is not default in kernel, so need to add support in kernel.

   File Systems --->
   DOS/FAT/NT Filesystems --->
   Native Language Support

9. teTeX set up, "latex" does not come with the package automatically, seems there are a lot of high-level TeX users.
   

   emerge -av tetex
   texconfig confall ## check all the output
   texconfig rehash
   texconfig init ## will generate all other binaries: latex, omega,...
   emerge -av app-emacs/auctex ## a must-have package for emacs+latex
   emerge -av emacs-update ## as the package suggest

10. use TuxOnIce to do hibernate and hibernate-ram, just follow this HOWTO. Work like a charm. ATTENTION: if the lid-and-battery script is used, DO NOT put the code directly in `/etc/conf.d/local.conf'. It will run forever and will not act as a child. Instead, paste the script code into a file, say `/etc/lid_battery_suspend', do a `chmod u+x /etc/lid_battery_suspend.sh', and then add one line `/etc/lid_battery_suspend.sh &' to `/etc/conf.d/local.conf'.
    HOWEVER, after one suspend/hibernation, this script will be stopped and not be loaded. An alternative way is to let acpi take care of this. Look at /etc/acpi/events and change the actions for lid and battery. Then restart acpid service. Well, you take the risk.
11. clean gnome desktop, use gconf-editor (looks like register table in Windows), find apps \ nautilus \ desktop, uncheck, uncheck, uncheck. Nice pure wallpaper.
12. HOWTO take compiz screen shot: open gimp, go to File > Aquire > Screenshot. You can set a delay of however many seconds to give yourself time to get the cube in the right position. Hold it there until the PC's speaker beeps.
13. HOWTO_NTP, NTP (Network Time Protocol) is used to synchronize your system's time with an online server.

    echo "net-misc/ntp caps" >> /etc/portage/package.use
    emerge -av ntp
    vi /etc/conf.d/ntp-client # can change the OPTS, change time servers
    /etc/init.d/ntp-client start # start sync
    #rc-update add ntp-client boot # optional

    ntp-client is only a wrapper of ntpdate program. If need to sync automatically, need to start ntpd. Ahh, before setting NTP, check /etc/localtime, if not in the right time zone, copy or link corresponding zone file from /usr/share/zoneinfo/.
14. (Nov 16,2008) Well, alsa packages(alsa-driver, alsa-lib, alsa-headers, alsa-util) 1.0.18 update is not working and I cannot figure out why, the sound card can not be found. So I downgraded back to 1.0.17, but the alsa-lib remains 1.0.18. And it's back to work! Mask them at once.
    

xorg-x11 troubleshooting:

1. "xauth: error in locking authority file /home/usrname/.Xauthority", will result in a dark screen with cursor usable after "startx", but nothing shows up. And the command window keeps prompting:

   xlib: connection to :0.0 refused by X server
   xlib: no specified protocol

   The solution is to use

   xauth -b quit

   to break existing lock, also check the permission of .Xauthority.
2. ati-drivers

   fglrx(0): incompatible kernel module .......
   

   update ati-driver, even with the ~ keyword
3. cannot startx, the error shows

   Synaptics DeviceOn Called
   Can't initialize SocketServer
   Failed to initialize Panel Agent

   
   It's probably because you have deleted or modified the /tmp directory, please check the permission of this directory, or just do a sudo chmod 777 /tmp.
   

hibernate troubleshooting:

1. The Problem: hibernate works under text mode. But under X mode, it resumes at the "Going Atomic" step and gives an error saying

   another suspend already in progress?

2. The Solution:

   The error in 'Going Atomic' is probably because you need to increase the
   allowance we make for drivers allocating memory during the atomic copy.
   Assuming you're using the hibernate script, this is done by editing
   /etc/hibernate/suspend2.conf. If you cat /sys/power/tuxonice/debug_info
   after an attempt at hibernating, the last line will say something like:
   
   - Extra pages: 1069/500.
   
   This means that 1069 pages were needed, but we only allowed for 500. In
   that case, you'd want to add something along the lines of
   
   ProcSetting extra_pages_allowance 2000
   
   to /etc/hibernate/suspend2.conf.
   
   (courtesy from http://lists.tuxonice.net/pipermail/tuxonice-users/2008-February/000202.html)

VIM tricks and tips

Efficient Editing With vim

Use Vim Like A Pro

Two important concepts in vi:

marks and registers.

marks: start with ` and '

ma        set mark '''a''' at current cursor location
'a        jump to line of mark a (beginning of line)
`a        jump to position of mark a
d'a       delete from current line to line of mark a
d`a       delete from current cursor position to position of mark a
c'a       change text from current line to line of mark a
y`a       yank text to unnamed buffer from cursor to position of mark a
''        jump back (to line where jumped from)
`0        jump to position in last file edited (when exited Vim)
``        jump back (to position where jumped from)
:marks    list all the current marks

registers start with ", use "* register to communicate with system clipboards.

There are nine types of registers:
1. The unnamed register ""
2. 10 numbered registers "0 to "9
3. The small delete register "-
4. 26 named registers "a to "z or "A to "Z
5. four read-only registers ":, "., "% and "#
6. the expression register "=
7. The selection and drop registers "*, "+ and "~
8. The black hole register "_
9. Last search pattern register "/

ATTENTION: 26 named registers, upper case is used to append contents, not different registers.

registers manual

fast notes for registers:

When you copy and cut stuff, it gets saved to registers. You can pull stuff from those registers at a later time.

 :reg     - show named registers and what's in them
"5p      - paste what's in register "5

You can also record a whole series of edits to a register, and then apply them over and over.

 qk       - records edits into register k
      (q again to stop recording)
@k       - execute recorded edits (macro)
@@       - repeat last one
5@@      - repeat 5 times

"kp      - print macro k
      (e.g., to edit or add to .vimrc)
"kd      - replace register k with what cursor is on

Tips And Tricks

The * and # Keys

In normal mode you can use * and # to search for the word under the cursor. * search forwards, # backwards.

The . Key

Also useful is the . key. In normal mode it repeats the last change. Very useful for XML editing and where you have to do similar stuff.

The % Key

Pressing the % key in normal mode while being on a parenthesis or a similar construct jumps to the opposite parenthesis. There are a couple of plugins that extend that functionallity but the default behavior is usually good enough for most of the programming languages.

The <> Keys

When working with Python you often have to indent or outdent a couple of lines. Just mark them using the visual mode and press > to indent them. press 4< to outdent them 4 steps etc.

Advanced Undo Features

Vim has a different system of undoing changes. The normal undo is u in normal mode and ^r is redo. But what happens if you undo a few things and then change something? A normal editor forgets about the new changes. It's not possible to redo that again.

In Vim it's different. Vim starts a new undo branch. Using :undolist you can have a look at the possible undo states. With :earlier 20s / 1m / 2h you can then go back 20 seconds, one minute etc. Traveling forward in time works using :later and a timedelta as argument.

The Search Feature

I really like the firefox search feature. Just hit "/" and you can search in the current file and get the results in real time. That works with vim exactly the same. All you have to to is to either add :set incsearch into your vimrc or type it into the command prompt. Using n you can go to the next result. If you want to have all the search results highlighted use :set hlsearch. Hiding the results works using :nohl

Closing XML Tags

If you have the closetag.vim plugin installed (link above) you can add this to your vimrc in order to get the feature working: autocmd FileType html,xhtml,xml source ~/.vim/scripts/closetag.vim (update the path to your installation and your filetypes of course) Once this is done you can close open tags using ^_.

Regexp Replacement after Search

If you searched for a text using /foo and you now want to replace the found results with something you don't have to write this regexp again. Just do :%s///replacement/g and is automatically replaced with the last search regular expression.

Using Bookmarks

Bookmarking in vim is darn easy. If you are on the current line just bookmark it with mX where X is a lowercase letter from a to z. Go to that mark using 'X where X is the same letter again. Using '' you can jump back to the position you were before jumping to the bookmark. You can get the list of bookmarks using :marks.

The Vim File Browser

The Vim File browser is a nice thing. If you open a file using :e and that file is a directory you get a nice file browser for the files in that directory. If you are a python developer you probably want to filter some files out (*.pyc etc). Add this to your vimrc: let g:explHideFiles='^\.,.*\.pyc$' This hides pyc files as well as hidden files.

The Wildmenu

The best vim feature is the wildmenu. Add a set wildmenu to your vimrc and discover the possibilities of filesystem surfing ^^ Enter :e in the command line and press ^D. Vim will show you all possibitilites in a nice little window. By entering the start of a filename and pressing tab it completes for you then. If it was a folder you can now press ^D again to get the contents. Once you finished the command this window will disappear again and you can continue working. Works of course for all commands not only the open command.

Vim Completion Features

Last tip but maybe the most powerful one :). If you have vim7 and omni completion for your language you can use ^X^O to get the completion similar to intelli sense or how it's called. Note that the default color (pink) can be overridden in the theme. In my fruity.vim file i use this to get white letters on a dark red background: hi Pmenu guifg=#ffffff guibg=#cb2f27

Also nice is ^N. It looks up all used words in the open buffers and presents then in a dropdown completion. Useful if you have long variable names and don't remember them. Just type in the start of the variable name and press ^N. Vim will either complete it or show the list of possibilities.

罗大佑 -- 告别的年代

告别的年代----罗大佑

风轻轻的吹,
夜沉沉的醉.
谁又在午夜的远处里想念着你,
远处的午夜的梦里相偎依
仰望着蓝色的天边的回忆,
好像你无声的临别的迟疑.
每一次手牵着手像在守护着你,
守护着仅剩的潇洒和犹豫.
每一次凝视的眼神的凝聚,
羽化成无奈的离愁的点滴.

道一声别离,
忍不住想要轻轻地抱一抱你.
从今后姑娘我将在梦里早晚也想一想你.
告别的年代,
分开的理由,
终不须诉说出口.
亲爱的让我快见你一面,
请你呀点一点头.

黄色的蓝色的白色的无色的你,
阳光里闪耀的色彩真美丽.
有声的无声的脸孔的转移,
有朝将反射出重逢的奇迹.
风轻轻的吹,
夜悄悄的睡.
夜沉沉的醉.


appendix:
Embedding Windows Media Player WMA

pdflatex and pdfpages are your friends

when you wanna insert multi-page external pdf files to the current latex file or merge several multi-page pdf files into one single pdf file.

Refrash filename database

teTeX

Run:
texhash

web2c

On a current web2c distribution, texhash ought to work; if it doesn't, run mktexlsr

fpTeX

Click Start-> Programs-> Texlive-> Maintenance-> Rebuild ls-R filenames databases, or open a "command" window and run texhash

MikTeX

On a MikTeX distribution earlier than v2.0, click Start-> Programs-> MikTeX-> Maintenance-> Refresh filename database

or get a DOS window and run:
initexmf --update-fndb

On a MikTeX distribution v2.0 or later, do:
Start-> Programs-> MikTeX 2-> MikTeX Options, and press the Refresh now button (Update filename database in earlier versions of MikTeX).

宾克斯的酒 -- 热情海贼版本

尾田大神One Piece第488话, 宾克斯的酒, 热情海贼汉化,演绎版本按照沧海一声笑填词,挺好.

====[[[[宾克斯的酒]]]]====

演绎版本 哟霍霍霍霍 哟霍霍霍霍 送你杯，宾克斯的酒 迎风破浪任我遨游 夕阳好，汹涌浪潮 歌声豪壮气势如涛 离港口，莫回呀头 纵歌一曲不念乡愁 波光粼粼，男儿之道 扁舟驶向，天涯海角 啦...啦... 送你杯，宾克斯的酒 大海上我独领风骚 立舰桥，发长啸 骷髅旗帜分外妖娆 雷电怒，风雨急 巨浪起舞啊我吹笛 好男儿，艰险不避 明日自然云开雨霁 哟霍霍霍霍 哟霍霍霍霍 送你杯，宾克斯的酒 昨夜今宵梦里寻不到 岸上的人儿，越来越小 纵然永别你莫懊恼 送你杯，宾克斯的酒 放声高歌乐陶陶 人生苦短，福祸难料 更要在今宵畅饮欢笑

直译版本 哟霍霍霍 哟霍霍霍 X4 我给你送去，宾客斯的酒 海风，自由自在，随波逐流 海潮的对面，夕阳夺目 鸟在空中回翔歌唱 再见了港口，纺织品之乡 大着嗓门唱起，出航的歌曲 金银色波光粼粼，化作了飞沫 我们向前行，直到海角 - - 我给你送去，宾客斯的酒 我们海贼，纵横大海 浪做枕头，船做睡袋 帆就是旗帜，骷髅当球踢 暴风雨来了，海荒千里 波浪在跳舞，我们也敲鼓 谁要是胆怯了就完蛋了 又不是说看不见明天的太阳了 哟霍霍霍，哟霍霍霍 x4 我给你送去，宾客斯的酒 梦里是今天还是明天 和挥手的那个人影，已经不能再会 别那么烦恼，明天会有明月 我给你送去，宾客斯的酒 大着嗓门唱起，大海的歌曲 反正不管是谁，早晚也是白骨一堆 没有尽头，没有目标，笑话而已